Fullerton India - Vice President - Internal Tech Audit

To provide independent and objective assurance on the management of risk throughout the organization using a robust audit framework.

- To evaluate the adequacy and effectiveness of management implemented controls with the objective of presenting to the Audit Committee (AC) and the management with analyses, appraisals and recommendations concerning the entities audited.

Key Performance Indicators :

- Adherance to the Audit Calendar planned.

- Check on the security incidents if configured with SLAs.

- Undertake checks on samples across Corporate Email and Internet communication.

- Potential savings for Organisation identified through Audits.

- Measuring the effectiveness at Sampling and Prevention Tool to contain the frauds/information leak at the endpoints.

- Clear understanding and implementation of measures in hardware and network functioning.

- Feedback from Board and Audit Committee.

- Coverage of key risks

- Completion of Audit as per schedule

- Customer complaints vs Recommendation.

- Proportion of recommendations accepted

- Check and recommend on financial loss / reputational risk on account of IT security threat within in the approved and protected framework

- Provide an independent report for management to assist the disciplinary process

- Undertake Information Security Reviews to ensure Privacy and Data Security for FICC customer information.

- Capability building: Run relevant training interventions across verticals in consultation with HC to up the capability quotient.

- Development and Training for all employees, team as per the requisite skill set of the team - Training to team on various innovative techniques of forensic Investigations and acquiring skilful art of detecting Data Leak instances

- Process improvements implemented as a result of audit

- Initiatives / Projects undertaken to drive process improvements.

Experience with following tools and technologies is a must :

- Experience in configuring Anomaly detection and SIM.

- Strong understanding of various DLP tools such as Websense, McAfee In-Defend.

- Experienced in setting up and testing Cloud Security products.

- Advanced understanding of Vulnerability Assessment and Heuristics is essential.

- Should have implemented ISO 27001 standards

- Good understanding of BCP and DR

- Proficient in Policy and Process documentation and management

- Experienced in implementing Mobile Security including MDM

- Good understanding of PIM (Privileged Identity Management) tools and techniques.

- Good understanding of Phishing identification and site takedown